March 15, 2023

Confidential Computing and Secure Enclaves with AWS's Arvind Raghu

Share In
How to Subscribe

For years engineers have relied on encryption at rest and transit to help protect sensitive data. However, historically data needs to be decrypted to actually use it, which risks the potential exposure of the underlying data. Confidential computing is a computing paradigm that aims to protect data in use, not just data in transit or at rest. The goal of confidential computing is to provide a secure computing environment where sensitive data can be processed without the risk of exposure or compromise.

AWS Nitro Enclaves is a service provided by Amazon Web Services (AWS) that enables customers to create isolated compute environments within their Amazon Elastic Compute Cloud (EC2) instances. In a Nitro Enclave, the application code and data are encrypted and processed inside the enclave, ensuring that they are protected from both the hypervisor and the host operating system. This makes Nitro Enclaves ideal for workloads that require a high level of security, such as confidential computing, secure machine learning, and blockchain-based applications.

Arvind Rague, Principal Specialist in EC2 and Confidential Computing at AWS, joins the show to explain confidential computing, AWS Nitro Enclaves, and the use cases this technology unlocks.

Topics:

  • What is confidential computing?
  • What’s the motivation behind the investment in this technology?
  • What are some of the problems this approach to privacy and security solves that were previously a potential vulnerability for companies?
  • How does a hardware-based trusted execution environment prevent a bad actor from executing unauthorized code? How is the memory space protected?
  • Can you explain how Nitro Enclaves enhance the security of confidential computing on AWS?
  • What’s the process for using Nitro Enclaves versus a standard EC2 instance
  • How do I go about using Nitro Enclave for performing an operation on sensitive data? What does the programming process look like to do that?
  • What are some use cases that you’ve seen that you are particularly excited about?
  • How can Nitro Enclaves be used to protect sensitive data in specific use cases, such as financial services or healthcare?
  • Are there any limitations or trade-offs to consider when using Nitro Enclaves for confidential computing?
  • What innovations or business directions do you think secure enclaves will enable in the future?
  • What’s next for Nitro Enclaves? Anything you can share?
  • Where do you see the area of confidential computing going in the next 5-10 years?

Resources:

Other Podcast

February 22, 2023

Data Residency: A Technical Perspective with Skyflow's Manish Ahluwalia

In this episode, Manish Ahluwalia, the field CTO of Skyflow, discusses the technical aspects of data residency and the usage of a data privacy vault. He explains the concept of data residency and data localization.

February 15, 2023

Data Backup and Disaster Recovery with Druva’s W. Curtis Preston

W. Curtis Preston has been working in backup and disaster recovery for nearly 30 years and has written five books on the subject. He joins the show to discuss backup and recovery missteps, best practices, and how Druva, the SaaS-based backup and recovery platform helps businesses offload backup responsibility.

February 8, 2023

Secure Multi-Party Computation Explained with Skyflow's Liz Acosta

Liz Acosta, Developer Advocate at Skyflow, joins the show to explain secure multi-party computation (SMPC) and share her recent research into the subject. We begin by explaining the basic concept of SMPC and how it differs from traditional methods of computation.